Required CVE Record Information
Description
Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the admin_skin parameter.
References 5 Total
- osvdb.org: 35260 vdb-entry
- securityfocus.com: 20070404 Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy mailing-list
- securityfocus.com: 20070607 Re: Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy mailing-list
- securityreason.com: 2578 third-party-advisory
- exchange.xforce.ibmcloud.com: monkeycms-index-file-include(33436) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- osvdb.org: 35260 vdb-entryx_transferred
- securityfocus.com: 20070404 Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy mailing-listx_transferred
- securityfocus.com: 20070607 Re: Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy mailing-listx_transferred
- securityreason.com: 2578 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: monkeycms-index-file-include(33436) vdb-entryx_transferred